Given:
openssl smime -binary -sign -passin pass:SomePassword -signer cert.pem -inkey
key.pem -in Document.txt -out Document.txt.sig -outform DER
What *exactly* is done to the s/mime text to create a binary file?
I'm trying to do the equivalent in Java using BouncyCastle and just can't get
We are seeing the deadlock in FIPS 2.0. (1.0.1c + fips-2.0 and using
AES256-SHA256 if that matters.) DRBG's auto reseeding (after 2^24 operations)
causes it. Here is the simplified backtrace.
fips_drbg_bytes()
CRYPTO_w_lock(CRYPTO_LOCK_RAND)
FIPS_drbg_generate()
drbg_reseed()
We are beating this to death but one problem is that the encoded string is
not an exact number even of *bits* (except for favorable values of 'n').
I don't know what is so fascinating about this problem but I was thinking
about it again this morning. There may be 94 *possible* characters but any
On Tue, Aug 21, 2012, Nathan McCrina wrote:
On 08/21/12 23:04, Dave Thompson wrote:
From: owner-openssl-us...@openssl.org On Behalf Of Nathan McCrina
Sent: Tuesday, 21 August, 2012 21:31
Not in commandline; in library it's fine.
See http://marc.info/?l=openssl-usersm=134463726501144w=2
Hi all,
We (and a couple of others) had faced this issue on Windows 7 and Windows
2008 systems. We raised the issue with MS and very recently they released a
hotfix to address the problem in Ntdll.dll. If you ever face the issue,
please install the hotfix from
I'm looking at
https://groups.google.com/forum/?fromgroups#!topic/mailing.openssl.users/j8O
bkLf6xgs
Do I interpret it correctly as saying that assuming I do not have some
clever source of entropy of my own, that I should just do nothing and let
OpenSSL do what it decides is best? In other
On Wed, Aug 22, 2012, Seiichi Tatsukawa wrote:
We are seeing the deadlock in FIPS 2.0. (1.0.1c + fips-2.0 and using
AES256-SHA256 if that matters.) DRBG's auto reseeding (after 2^24 operations)
causes it. Here is the simplified backtrace.
fips_drbg_bytes()
On 21 Aug 2012, at 2:39 PM, Bart W Jenkins wrote:
Given:
openssl smime -binary -sign -passin pass:SomePassword -signer cert.pem
-inkey key.pem -in Document.txt -out Document.txt.sig -outform DER
What *exactly* is done to the s/mime text to create a binary file?
Are you asking about the
Hi
We are in the process of adding support for ECDSA-ECDHE cipher suites and
hence ECDSA certificates to our server.
Right now, the server does the following:
1) Assign the ECDSA certificate to the SSL_CTX.
2) Set the callback for ECDH parameter generation using
SSL_CTX_set_tmp_ecdh_callback.
Hi folks,
Thanks for your help with previous questions. I have a new one, which
should hopefully be quick:
In implementing AES-CMAC-128 over a message, I assumed it would be
equivalent in OpenSSL to hand the EVP_aes_128_cbc() EVP_CIPHER to CMAC, as
I did not see a regular AES-128 EVP_CIPHER
Hi,
The 'Client Key Exchange' packet carries the encrypted premaster. I am working
on utility for decrypting the data and supported cipher suites are RC4_128_MD5
and RC4_128_SHA.
I observed that the encrypted premaster length varies in the 'Client key
exchange' packet. Sometimes it is
From: owner-openssl-us...@openssl.org On Behalf Of Tayade, Nilesh
Sent: Wednesday, 22 August, 2012 16:13
The 'Client Key Exchange' packet carries the encrypted
premaster. I am working on utility for decrypting the data
and supported cipher suites are RC4_128_MD5 and RC4_128_SHA.
Only for
For my own benefit and that of others, I made a page at
http://jmarshall.com/stuff/handling-nbio-errors-in-openssl.html listing
various error conditions after SSL_accept(), SSL_connect(), SSL_read(),
SSL_write(), and SSL_shutdown(), all on *non-blocking* sockets. The tables
show what to do after
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Dave Thompson
Sent: Thursday, August 23, 2012 2:31 AM
To: openssl-users@openssl.org
Subject: RE: About the encrypted premaster length.
From:
14 matches
Mail list logo
